Dyn Hacked by IOT Mirai Malware

Hacked Cameras, DVRs Powered Today’s Massive Internet Outage
By Brian Krebbs
Oct 21 2016

A massive and sustained Internet attack that has caused outages and network congestion today for a large number of Web sites was launched with the help of hacked “Internet of Things” (IoT) devices, such as CCTV video cameras and digital video recorders, new data suggests.

Earlier today cyber criminals began training their attack cannons on Dyn, an Internet infrastructure company that provides critical technology services to some of the Internet’s top destinations. The attack began creating problems for Internet users reaching an array of sites, including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.

At first, it was unclear who or what was behind the attack on Dyn. But over the past few hours, at least one computer security firm has come out saying the attack involved Mirai, the same malware strain that was used in the record 620 Gpbs attack on my site last month. At the end September 2016, the hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

Mirai scours the Web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn.

“At least one Mirai [control server] issued an attack command to hit Dyn,” Nixon said. “Some people are theorizing that there were multiple botnets involved here. What we can say is that we’ve seen a Mirai botnet participating in the attack.”

As I noted earlier this month in Europe to Push New Security Rules Amid IoT Mess, many of these products from XiongMai and other makers of inexpensive, mass-produced IoT devices are essentially unfixable, and will remain a danger to others unless and until they are completely unplugged from the Internet.

That’s because while many of these devices allow users to change the default usernames and passwords on a Web-based administration panel that ships with the products, those machines can still be reached via more obscure, less user-friendly communications services called “Telnet” and “SSH.”

Telnet and SSH are command-line, text-based interfaces that are typically accessed via a command prompt (e.g., in Microsoft Windows, a user could click Start, and in the search box type “cmd.exe” to launch a command prompt, and then type “telnet” to reach a username and password prompt at the target host).


Posted in NetHappenings

Toxic chemicals tied to $340 billion in U.S. health costs and lost wages

Toxic chemicals tied to $340 billion in U.S. health costs and lost wages

Chemicals found in plastic bottles, flame retardants, metal food cans, detergents, cosmetics and pesticides cost the U.S. more than $340 billion a year in health costs and lost earnings, a new study estimates.

That’s more than twice the annual estimated cost of $163 billion in the European Union, where regulations may limit exposure to some of these chemicals, researchers note in The Lancet Diabetes and Endocrinology.

The chemicals in question are known as endocrine disruptors because they can interfere with the body’s endocrine, or hormone, system and produce negative developmental, reproductive, neurological and immune effects.

Absent changes in regulations, there’s still plenty people can do to limit their exposure to the chemicals, Trasande noted.

“These include eating organic foods, avoiding microwaving food in plastic containers, limiting canned food consumption, and washing plastic food containers by hand instead of putting them in the dishwasher,” Trasande said.

“People can also avoid using plastic containers labeled on the bottom with the numbers 3, 6 or 7 inside the recycle symbol, in which chemicals such as phthalates are used,” he said. “Switching to “all natural” or “fragrance-free” cosmetics can also reduce exposure.”

SOURCE: bit.ly/1KTihJx The Lancet Diabetes and Endocrinology, online October 17, 2016.


Toxic Plastic Numbers #3,4,5,6,7

Posted in NetHappenings

Coca-Cola Marketing Guru Secretly Worked Behind the Scenes to Brand Hillary as a Super Hero



According to Federal election law, after a candidate spends $5,000 or more on their campaign, it must file a notification with the FEC and begin reporting contributions and disbursements. Hillary Clinton filed her notification with the FEC on April 13, 2015, but when her first quarterly filing was made, the FEC web site lists payments to Clark Advisory Services, LLC at the home address of Wendy Clark in Atlanta, Georgia in January 2015 and March 2015, when according to the FEC, there was no Hillary for America campaign account from which to make those payments, and another payment on April 14, 2015, one day after Clinton filed with the FEC. (The total of the three payments to Clark came to $49,998.)

FEC filings also show that Huma Abedin, a long time aide to Hillary Clinton, was paid from the Hillary for America campaign account at the rate of $6,769.25 every two weeks, beginning in January 2015 – three months before the campaign had established the Hillary for America campaign committee with the FEC.

Marc Elias at Perkins Coie is the lawyer for the Clinton campaign. Wall Street On Parade emailed him last evening to inquire how the campaign was able to make payments in January, February and March – when, according to the FEC, it didn’t exist.

Posted in NetHappenings

How a Swing State #Election is Vulnerable to #Diebold Accuvote TS




#Pennsylvania is a swing state and should have security concerns.


Marian K. Schneider was appointed Deputy Secretary for Elections and Administration on February 2, 2015.

#ElectionVerificationNetwork @marianschneider #VotesPA

Posted in NetHappenings

CA prescription drug measure #PROP61 #YesOn61 #NoOn61


“People are dying because they can’t afford medicine” Sanders supports CA prescription drug measure #Yeson61


EpiPen-maker Mylan – make your own

The price of generic drugs can vary widely from one pharmacy to the next.

Comparison Chart

Study – Costco is the best

You Don’t need to be a Costco member to go in there and use their pharmacy to buy the drugs you need just a Visa card or cash!



Posted in NetHappenings